Glossary of Acronyms - Appendixes - Hacking Wireless Networks (2015)

Hacking Wireless Networks (2015)

Part V

Appendixes

Appendix B

Glossary of Acronyms

3DES: Triple Data Encryption Standard

ACK: Acknowledge

ACL: Access Control List

AES: Advanced Encryption Standard

AES-CCMP: AES-Counter Mode CBC-MAC Protocol

AES-WRAP: AES-Wireless Robust Authenticated Protocol

AH: Authentication Header

AP: Access Point

BBWA: Broadband Wireless Access

BER: Bit Error Rate

BSS: Basic Service Set

BSSID: Basic Service Set Identifier

CCK: Complementary Code Keying

CF: Compact Flash

CHAP: Challenge/Handshake Authentication Protocol

CRC: Cyclic Redundancy Check

CSMA/CA: Carrier Sense Multiple Access/Collision Avoidance

CTS: Clear to Send

DB: Decibel

DBm: Decibel per milliwatt

DBPSK: Differential Binary Phase Shifting Key

DCF: Distributed Coordination Function

DDoS: Distributed Denial of Service

DES: Data Encryption Standard

DHCP: Dynamic Host Configuration Protocol

DiGLE: Delphi imaging Geographic Lookup Engine

DMZ: De-Militarized Zone

DoS: Denial of Service

DQPSK: Differential Quadrature Phase Shifting Key

DSSS: Direct Sequence Spread Spectrum

EAP: Extensible Authentication Protocol

EAP-TLS: EAP-Transport Layer Security

EAP-TTLS: EAP-Tunneled Transport Layer Security

EAPOL: EAP Over LANs

ESP: Encapsulating Security Protocol

ESS: Extended Service Set

ESSID: Extended Service Set Identifier

FCC: Federal Communications Commission

FH: Frequency Hopping

FHSS: Frequency Hopping Spread Spectrum

FIN: Finish

GFSK: Gaussian Phase Shifting Key

GHz: Gigahertz

GPS: Global Positioning System

GSM: Global System for Mobile Communications

HR/DSSS: High-Rate Direct-Sequence Spread Spectrum

HTTP: Hypertext Transfer Protocol

IAPP: Inter-Access Point Protocol

IBSS: Independent Basic Service Set

ICAT: Internet Categorization of Attack Toolkit

ICV: Integrity Check Value

IDS: Intrusion Detection System

IEEE: Institute of Electrical and Electronics Engineers

IETF: Internet Engineering Task Force

IKE: Internet Key Exchange

IP: Internet Protocol

IPS: Intrusion Prevention System

IPsec: Internet Protocol Security

ISM: Industrial, Scientific, and Medical

ISO: International Organization for Standardization

IV: Initialization Vector

JiGLE: Java-imaging Geographic Lookup Engine

Kbps: Kilobits per second

KHz: Kilohertz

L2TP: Layer 2 Tunneling Protocol

LAN: Local Area Network

LBT: Listen Before Talking

LDAP: Lightweight Directory Access Protocol

LEAP: Lightweight EAP

LLC: Logical Link Control

LOS: Line of Sight

MAC: Media Access Control

Mbps: Megabits per second

MD5: Message Digest 5

MHz: Megahertz

MIB: Management Information Base

MIC: Message Integrity Check

mW: Milliwatt

MIMO: Multiple-In/Multiple-Out

MITM: Man-in-the-Middle; Monkey-in-the-Middle

NIC: Network Interface Card

OFDM: Orthogonal Frequency Division Multiplexing

PAP: Password Authentication Protocol

PCF: Point Coordination Function

PCMCIA: Personal Computer Memory Card International Association

PDA: Personal Digital Assistant

PEAP: Protected EAP

PED: Personal Electronic Device

PKI: Public-Key Infrastructure

PoE: Power over Ethernet

PPTP: Point-to-Point Tunneling Protocol

PS-Poll: Power Save Poll

PSK: Pre-Shared Key

QAM: Quadrature Amplitude Modulation

RADIUS: Remote Authentication Dial-in User Service

RBAC: Role-Based Access Control

RC4: Ron’s Code 4

RF: Radio Frequency

RF LOS: Radio Frequency Line of Sight

RSA: Rivest-Shamir-Adleman

RSN: Robust Security Networks

RTS: Request to Send

SME: Small-to-Medium Enterprise

SNMP: Simple Network Management Protocol

SNR: Signal-to-Noise Ratio

SOHO: Small Office Home Office

SSH: Secure Shell

SSID: Service Set Identifier

SSL: Secure Sockets Layer

SYN: Synchronize

TCP: Transmission Control Protocol

TCP/IP: Transmission Control Protocol/Internet Protocol

THC: The Hacker’s Choice

TKIP: Temporal Key Integrity Protocol

TLS: Transport Layer Security

UDP: User Datagram Protocol

USB: Universal Serial Bus

VPN: Virtual Private Network

WAP: Wireless Application Protocol

WEP: Wired Equivalent Privacy

Wi-Fi: Wireless Fidelity

WIDS: Wireless Intrusion Detection System

WiGLE: Wireless Geographic Logging Engine

WISP: Wireless Internet Service Provider

WLAN: Wireless Local Area Network

WMM: Wi-Fi Multimedia

WPA: Wi-Fi Protected Access
